Tuesday, 31 March 2009

IBM in Washington DC with a law firm accusing Big Blue and an unknown employee of hacking into it and its clients’ email.

A remarkable case has started against IBM in Washington DC, with a law firm accusing Big Blue and an unknown employee of hacking into its email and that of its clients. Butera & Andrews is a law firm based in DC, and the case is being brought under the Computer Fraud and Abuse Act, the Stored Communications Act and the Electronic Communication Privacy Act. The firm said in its allegation that an employee suspected last October or November that the email server, contracted out to Virginian firm Sierra Corporation, had been compromised.

Friday, 27 March 2009

Open source software security vulnerabilities

Security vulnerabilities in open source could mean that companies are opening their doors to viruses, software exploits and other problems that could adversely affect their businesses, users and customers, says the company.

It cites security expert John Viega: “The very things that can make open source programs secure – the availability of the source code, and the fact that large numbers of users are available to look for and fix security holes – can also lull people into a false sense of security.”

Rob Rachwald, director of product marketing at Fortify, says that, in fact, the Open Source Vulnerability Database in 2006 showed more than 8,500 vulnerabilities. The problem, he suggests, is that many open source communities do not utilise security experts, meaning that their security processes tend to be inadequate.

“Are these sufficient reasons to totally avoid open source software?” he asks. “No: the merits of open source usually outweigh the downsides, but the enterprise that blindly opens its doors to open source software without fully judging the security challenges is asking for trouble